pam_pkcs11
0.6.8
|
00001 /* 00002 * PKCS #11 PAM Login Module 00003 * Copyright (C) 2003 Mario Strasser <mast@gmx.net>, 00004 * Mapper module copyright (c) 2005 Juan Antonio Martinez <jonsito@teleline.es> 00005 * 00006 * This library is free software; you can redistribute it and/or 00007 * modify it under the terms of the GNU Lesser General Public 00008 * License as published by the Free Software Foundation; either 00009 * version 2.1 of the License, or (at your option) any later version. 00010 * 00011 * This library is distributed in the hope that it will be useful, 00012 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00013 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 00014 * Lesser General Public License for more details. 00015 * 00016 * $Id: mapper_mgr.h 358 2008-11-06 14:28:46Z ludovic.rousseau $ 00017 */ 00018 00019 /* 00020 * this module manages dynamic load of mapping modules 00021 * also is used as entry point for cert matching routines 00022 */ 00023 00024 #ifndef _MAPPER_MGR_H_ 00025 #define _MAPPER_MGR_H_ 00026 00027 #ifdef HAVE_CONFIG_H 00028 #include <config.h> 00029 #endif 00030 00031 #include "../common/cert_st.h" 00032 #include "../scconf/scconf.h" 00033 #include "../mappers/mapper.h" 00034 00035 /* 00036 * mapper module descriptor 00037 */ 00038 struct mapper_instance { 00039 void *module_handler; 00040 const char *module_name; 00041 const char *module_path; 00042 mapper_module *module_data; 00043 }; 00044 00045 /* 00046 * mapper module list 00047 */ 00048 struct mapper_listitem { 00049 struct mapper_instance *module; 00050 struct mapper_listitem *next; 00051 }; 00052 00053 /* 00054 * load and initialize a module 00055 * returns descriptor on success, null on fail 00056 */ 00057 struct mapper_instance *load_module(scconf_context *ctx, const char * name); 00058 00062 void unload_module( struct mapper_instance *module ); 00063 00067 struct mapper_listitem *load_mappers( scconf_context *ctx ); 00068 00072 void unload_mappers(void); 00073 00074 /* 00075 * this function search mapper module list until 00076 * find a module that returns a login name for 00077 * provided certificate 00078 */ 00079 char * find_user(X509 *x509); 00080 00089 int match_user(X509 *x509, const char *login); 00090 00091 /* 00092 * This funcions goest throught the mapper list 00093 * and trying to get the certificate strings to be used on each 00094 * module to perform find/match functions. 00095 * No map / match are done: just print found strings on stdout. 00096 * This function is mostly used in pkcert_view toool 00097 */ 00098 void inspect_certificate(X509 *x509); 00099 00100 #endif